I don't even pretend to be a security expert by any means; I find this
article confusing...

It seems to be a high vulnerability, but when I read the sentence "It
has long been theorized that attackers can manipulate the process to
make educated guesses about the contents of the plaintext blocks." What
exactly are they saying here? Are these blocks originally encrypted? If
so, once they manage to decrypt them, how do they make these "educated
guesses"? Does it take minutes/hours/days to come up with a correct
guess?

Don Guyer

Windows Systems Engineer

RIM Operations Engineering Distributed - A Team, Tier 2

Enterprise Technology Group

Fiserv

don.gu...@fiserv.com

Office: 1-800-523-7282 x 1673

Fax: 610-233-0404

www.fiserv.com <http://www.fiserv.com/> 

 

 

From: Ziots, Edward [mailto:ezi...@lifespan.org] 
Sent: Thursday, September 22, 2011 8:13 AM
To: NT System Admin Issues
Subject: RE: SSL hack

 

+1, this does not require MITM from what I have read and heard. It's
JavaScript that performs the role of the malicious actor and its
payload, which, unfortunately, most browsers have on for web sites they
do business with to function, which also leaves the door up for
malware/spyware, drive-by downloads.

 

Z

 

Edward E. Ziots

CISSP, Network +, Security +

Security Engineer

Lifespan Organization

Email:ezi...@lifespan.org

Cell:401-639-3505

 

 

From: Erik Goldoff [mailto:egold...@gmail.com] 
Sent: Wednesday, September 21, 2011 10:25 AM
To: NT System Admin Issues
Subject: Re: SSL hack

 

cross check your source ... my sources show this does NOT require MITM,
just sniffing proximity, and client side soft(mal)ware injection, which
individually proves not to be difficult, just requires a bit of
coordination for both parts now.

On Wed, Sep 21, 2011 at 10:11 AM, Kennedy, Jim <
kennedy...@elyriaschools.org> wrote:

Ok, I have some insight on this one from a very trusted source.

 

1) It requires a successful man in the middle attack which is not
that easy to do with SSL and it requires you to be on the same subnet as
the victim or the SSL host.

2) The attack has been around for years, the only thing new here is
that someone sort of built a tool to do it and is getting press
coverage.

3) Very low risk.

4) Part of the exploit will be killed very quickly now that it has
gone public.

 

I am putting my SSL certs back in now.

 

From: Andrew S. Baker [mailto:asbz...@gmail.com] 
Sent: Wednesday, September 21, 2011 10:00 AM
To: NT System Admin Issues
Subject: Re: SSL hack

 

LOL


ASB

http://XeeMe.com/AndrewBaker

Harnessing the Advantages of Technology for the SMB market...

 

On Wed, Sep 21, 2011 at 8:39 AM, Kennedy, Jim <
kennedy...@elyriaschools.org> wrote:

I removed all my SSL certs, so they can't hack them. Just running
straight http, let's see them beat that!

 

From: Jonathan Link [mailto:jonathan.l...@gmail.com] 
Sent: Wednesday, September 21, 2011 8:39 AM
To: NT System Admin Issues
Subject: Re: SSL hack

 

I think everyone is cowering in their foxholes right now...

On Wed, Sep 21, 2011 at 8:33 AM, Erik Goldoff <egold...@gmail.com>
wrote:

Hmmmm, looks like something I posted yesterday ... maybe you'll get more
response.



 

On Wed, Sep 21, 2011 at 8:30 AM, Steven M. Caesare <
scaes...@caesare.com> wrote:

        Interesting, and potentially significant: 
http://www.theregister.co.uk/2011/09/19/beast_exploits_paypal_ssl/

         

        -sc

         

         

        ~ Finally, powerful endpoint security that ISN'T a resource hog!
~

        
        ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/>  ~
        
        ---
        To manage subscriptions click here: 
http://lyris.sunbelt-software.com/read/my_forums/
        or send an email to listmana...@lyris.sunbeltsoftware.com
        with the body: unsubscribe ntsysadmin

 
